kore.h (32317B)
1 /*
2 * Copyright (c) 2013-2022 Joris Vink <joris@coders.se>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #ifndef __H_KORE_H
18 #define __H_KORE_H
19
20 #if defined(__APPLE__)
21 #define daemon portability_is_king
22 #endif
23
24 #include <sys/param.h>
25 #include <sys/types.h>
26 #include <sys/time.h>
27 #include <sys/queue.h>
28 #include <sys/stat.h>
29 #include <sys/un.h>
30
31 #include <netinet/in.h>
32 #include <arpa/inet.h>
33
34 #include <errno.h>
35 #include <regex.h>
36 #include <stdarg.h>
37 #include <stdlib.h>
38 #include <stdio.h>
39 #include <signal.h>
40 #include <string.h>
41 #include <syslog.h>
42 #include <unistd.h>
43 #include <stdarg.h>
44
45 #if defined(__cplusplus)
46 extern "C" {
47 #endif
48
49 #if defined(__APPLE__)
50 #undef daemon
51 extern int daemon(int, int);
52 #define st_mtim st_mtimespec
53 #endif
54
55 #if !defined(KORE_NO_SENDFILE)
56 #if defined(__MACH__) || defined(__FreeBSD_version) || defined(__linux__)
57 #define KORE_USE_PLATFORM_SENDFILE 1
58 #endif
59 #endif
60
61 #if defined(__OpenBSD__)
62 #define KORE_USE_PLATFORM_PLEDGE 1
63 #endif
64
65 #if defined(TLS_BACKEND_OPENSSL)
66 #include <openssl/x509.h>
67 #include <openssl/ssl.h>
68 typedef X509 KORE_X509;
69 typedef SSL KORE_TLS;
70 typedef SSL_CTX KORE_TLS_CTX;
71 typedef X509_NAME KORE_X509_NAMES;
72 typedef EVP_PKEY KORE_PRIVATE_KEY;
73 #else
74 typedef void KORE_X509;
75 typedef void KORE_TLS;
76 typedef void KORE_TLS_CTX;
77 typedef void KORE_X509_NAMES;
78 typedef void KORE_PRIVATE_KEY;
79 #endif
80
81 #define KORE_RSAKEY_BITS 4096
82
83 /* Kore quit reasons. */
84 #define KORE_QUIT_NONE -1
85 #define KORE_QUIT_NORMAL 0
86 #define KORE_QUIT_FATAL 1
87
88 #define KORE_RESULT_ERROR 0
89 #define KORE_RESULT_OK 1
90 #define KORE_RESULT_RETRY 2
91
92 #define KORE_TLS_VERSION_1_3 0
93 #define KORE_TLS_VERSION_1_2 1
94 #define KORE_TLS_VERSION_BOTH 2
95
96 #define KORE_BASE64_RAW 0x0001
97
98 #define KORE_WAIT_INFINITE (u_int64_t)-1
99 #define KORE_RESEED_TIME (1800 * 1000)
100
101 #define errno_s strerror(errno)
102 #define ssl_errno_s ERR_error_string(ERR_get_error(), NULL)
103 #define KORE_DOMAINNAME_LEN 255
104 #define KORE_PIDFILE_DEFAULT "kore.pid"
105 #define KORE_DHPARAM_PATH PREFIX "/share/kore/ffdhe4096.pem"
106 #define KORE_DEFAULT_CIPHER_LIST "AEAD-AES256-GCM-SHA384:AEAD-CHACHA20-POLY1305-SHA256:AEAD-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256"
107
108 #define NETBUF_RECV 0
109 #define NETBUF_SEND 1
110 #define NETBUF_SEND_PAYLOAD_MAX 8192
111 #define SENDFILE_PAYLOAD_MAX (1024 * 1024 * 10)
112
113 #define NETBUF_LAST_CHAIN 0
114 #define NETBUF_BEFORE_CHAIN 1
115
116 #define NETBUF_CALL_CB_ALWAYS 0x01
117 #define NETBUF_FORCE_REMOVE 0x02
118 #define NETBUF_MUST_RESEND 0x04
119 #define NETBUF_IS_STREAM 0x10
120 #define NETBUF_IS_FILEREF 0x20
121
122 #define KORE_X509_COMMON_NAME_ONLY 0x0001
123
124 #define KORE_PEM_CERT_CHAIN 1
125 #define KORE_DER_CERT_DATA 2
126
127 /* XXX hackish. */
128 #if !defined(KORE_NO_HTTP)
129 struct http_request;
130 struct http_redirect;
131 #endif
132
133 #define KORE_FILEREF_SOFT_REMOVED 0x1000
134
135 struct kore_fileref {
136 int cnt;
137 int flags;
138 int ontls;
139 off_t size;
140 char *path;
141 u_int64_t mtime;
142 time_t mtime_sec;
143 u_int64_t expiration;
144 void *base;
145 int fd;
146 TAILQ_ENTRY(kore_fileref) list;
147 };
148
149 struct netbuf {
150 u_int8_t *buf;
151 size_t s_off;
152 size_t b_len;
153 size_t m_len;
154 u_int8_t type;
155 u_int8_t flags;
156
157 struct kore_fileref *file_ref;
158 off_t fd_off;
159 off_t fd_len;
160
161 struct connection *owner;
162 void *extra;
163 int (*cb)(struct netbuf *);
164
165 TAILQ_ENTRY(netbuf) list;
166 };
167
168 TAILQ_HEAD(netbuf_head, netbuf);
169
170 #define KORE_TYPE_LISTENER 1
171 #define KORE_TYPE_CONNECTION 2
172 #define KORE_TYPE_PGSQL_CONN 3
173 #define KORE_TYPE_TASK 4
174 #define KORE_TYPE_PYSOCKET 5
175 #define KORE_TYPE_CURL_HANDLE 6
176
177 #define CONN_STATE_UNKNOWN 0
178 #define CONN_STATE_TLS_SHAKE 1
179 #define CONN_STATE_ESTABLISHED 2
180 #define CONN_STATE_DISCONNECTING 3
181
182 #define CONN_PROTO_UNKNOWN 0
183 #define CONN_PROTO_HTTP 1
184 #define CONN_PROTO_WEBSOCKET 2
185 #define CONN_PROTO_MSG 3
186 #define CONN_PROTO_ACME_ALPN 200
187
188 #define KORE_EVENT_READ 0x01
189 #define KORE_EVENT_WRITE 0x02
190 #define KORE_EVENT_ERROR 0x04
191
192 #define CONN_IDLE_TIMER_ACT 0x0001
193 #define CONN_CLOSE_EMPTY 0x0002
194 #define CONN_WS_CLOSE_SENT 0x0004
195 #define CONN_IS_BUSY 0x0008
196 #define CONN_LOG_TLS_FAILURE 0x0020
197 #define CONN_TLS_ALPN_ACME_SEEN 0x0040
198 #define CONN_TLS_SNI_SEEN 0x0080
199
200 #define KORE_IDLE_TIMER_MAX 5000
201
202 #define WEBSOCKET_OP_CONT 0x00
203 #define WEBSOCKET_OP_TEXT 0x01
204 #define WEBSOCKET_OP_BINARY 0x02
205 #define WEBSOCKET_OP_CLOSE 0x08
206 #define WEBSOCKET_OP_PING 0x09
207 #define WEBSOCKET_OP_PONG 0x0a
208
209 #define WEBSOCKET_BROADCAST_LOCAL 1
210 #define WEBSOCKET_BROADCAST_GLOBAL 2
211
212 #define KORE_TIMER_ONESHOT 0x01
213 #define KORE_TIMER_FLAGS (KORE_TIMER_ONESHOT)
214
215 #define KORE_CONNECTION_PRUNE_DISCONNECT 0
216 #define KORE_CONNECTION_PRUNE_ALL 1
217
218 struct kore_event {
219 int type;
220 int flags;
221 void (*handle)(void *, int);
222 } __attribute__((packed));
223
224 struct connection {
225 struct kore_event evt;
226 int fd;
227 u_int8_t state;
228 u_int8_t proto;
229 struct listener *owner;
230 KORE_TLS *tls;
231 KORE_X509 *tls_cert;
232 char *tls_sni;
233 int tls_reneg;
234
235 u_int16_t flags;
236 void *hdlr_extra;
237
238 int (*handle)(struct connection *);
239 void (*disconnect)(struct connection *);
240 int (*read)(struct connection *, size_t *);
241 int (*write)(struct connection *, size_t, size_t *);
242
243 int family;
244 union {
245 struct sockaddr_in ipv4;
246 struct sockaddr_in6 ipv6;
247 struct sockaddr_un sun;
248 } addr;
249
250 struct {
251 u_int64_t length;
252 u_int64_t start;
253 } idle_timer;
254
255 struct netbuf_head send_queue;
256 struct netbuf *snb;
257 struct netbuf *rnb;
258
259 #if !defined(KORE_NO_HTTP)
260 u_int64_t http_start;
261 u_int64_t http_timeout;
262 struct kore_runtime_call *ws_connect;
263 struct kore_runtime_call *ws_message;
264 struct kore_runtime_call *ws_disconnect;
265 TAILQ_HEAD(, http_request) http_requests;
266 #endif
267
268 TAILQ_ENTRY(connection) list;
269 };
270
271 TAILQ_HEAD(connection_list, connection);
272 extern struct connection_list connections;
273 extern struct connection_list disconnected;
274
275 #define KORE_RUNTIME_NATIVE 0
276 #define KORE_RUNTIME_PYTHON 1
277 #define KORE_RUNTIME_LUA 2
278
279 struct kore_runtime {
280 int type;
281 int (*resolve)(const char *, const struct stat *);
282 #if !defined(KORE_NO_HTTP)
283 int (*http_request)(void *, struct http_request *);
284 void (*http_request_free)(void *, struct http_request *);
285 void (*http_body_chunk)(void *,
286 struct http_request *, const void *, size_t);
287 int (*validator)(void *, struct http_request *, const void *);
288 void (*wsconnect)(void *, struct connection *);
289 void (*wsdisconnect)(void *, struct connection *);
290 void (*wsmessage)(void *, struct connection *,
291 u_int8_t, const void *, size_t);
292 #endif
293 void (*execute)(void *);
294 int (*onload)(void *, int);
295 void (*signal)(void *, int);
296 void (*connect)(void *, struct connection *);
297 void (*configure)(void *, int, char **);
298 };
299
300 struct kore_runtime_call {
301 void *addr;
302 struct kore_runtime *runtime;
303 };
304
305 #if !defined(KORE_NO_HTTP)
306
307 struct kore_route_params {
308 char *name;
309 int flags;
310 u_int8_t method;
311 struct kore_validator *validator;
312
313 TAILQ_ENTRY(kore_route_params) list;
314 };
315
316 struct kore_route {
317 char *path;
318 char *func;
319 int type;
320 int errors;
321 int methods;
322 regex_t rctx;
323 struct kore_domain *dom;
324 struct kore_auth *auth;
325 struct kore_runtime_call *rcall;
326 struct kore_runtime_call *on_free;
327 struct kore_runtime_call *on_headers;
328 struct kore_runtime_call *on_body_chunk;
329
330 TAILQ_HEAD(, kore_route_params) params;
331 TAILQ_ENTRY(kore_route) list;
332 };
333
334 #endif
335
336 struct kore_domain {
337 u_int16_t id;
338 int logerr;
339 u_int64_t logwarn;
340 int accesslog;
341
342 char *domain;
343 struct kore_buf *logbuf;
344 struct kore_server *server;
345
346 #if defined(KORE_USE_ACME)
347 int acme;
348 int acme_challenge;
349 void *acme_cert;
350 size_t acme_cert_len;
351 #endif
352 char *cafile;
353 char *crlfile;
354 char *certfile;
355 char *certkey;
356 KORE_TLS_CTX *tls_ctx;
357 int x509_verify_depth;
358 #if !defined(KORE_NO_HTTP)
359 TAILQ_HEAD(, kore_route) routes;
360 TAILQ_HEAD(, http_redirect) redirects;
361 #endif
362 TAILQ_ENTRY(kore_domain) list;
363 };
364
365 TAILQ_HEAD(kore_domain_h, kore_domain);
366
367 extern struct kore_runtime kore_native_runtime;
368
369 struct listener {
370 struct kore_event evt;
371 int fd;
372 int family;
373 char *port;
374 char *host;
375 struct kore_server *server;
376 struct kore_runtime_call *connect;
377
378 LIST_ENTRY(listener) list;
379 };
380
381 struct kore_server {
382 int tls;
383 char *name;
384 struct kore_domain_h domains;
385 LIST_HEAD(, listener) listeners;
386 LIST_ENTRY(kore_server) list;
387 };
388
389 LIST_HEAD(kore_server_list, kore_server);
390
391 #if !defined(KORE_NO_HTTP)
392
393 #define KORE_PARAMS_QUERY_STRING 0x0001
394
395 #define KORE_AUTH_TYPE_COOKIE 1
396 #define KORE_AUTH_TYPE_HEADER 2
397 #define KORE_AUTH_TYPE_REQUEST 3
398
399 struct kore_auth {
400 u_int8_t type;
401 char *name;
402 char *value;
403 char *redirect;
404 struct kore_validator *validator;
405
406 TAILQ_ENTRY(kore_auth) list;
407 };
408
409 #define HANDLER_TYPE_STATIC 1
410 #define HANDLER_TYPE_DYNAMIC 2
411
412 #endif /* !KORE_NO_HTTP */
413
414 #define KORE_MODULE_LOAD 1
415 #define KORE_MODULE_UNLOAD 2
416
417 #define KORE_MODULE_NATIVE KORE_RUNTIME_NATIVE
418 #define KORE_MODULE_PYTHON KORE_RUNTIME_PYTHON
419 #define KORE_MODULE_LUA KORE_RUNTIME_LUA
420
421 struct kore_module;
422
423 struct kore_module_functions {
424 void (*free)(struct kore_module *);
425 void (*reload)(struct kore_module *);
426 int (*callback)(struct kore_module *, int);
427 void (*load)(struct kore_module *);
428 void *(*getsym)(struct kore_module *, const char *);
429 };
430
431 struct kore_module {
432 void *handle;
433 char *path;
434 char *onload;
435 int type;
436 struct kore_runtime_call *ocb;
437
438 struct kore_module_functions *fun;
439 struct kore_runtime *runtime;
440
441 TAILQ_ENTRY(kore_module) list;
442 };
443
444 /*
445 * The workers get a 128KB log buffer per worker, and parent will fetch their
446 * logs when it reached at least 75% of that or if its been > 1 second since
447 * it was last synced.
448 */
449 #define KORE_ACCESSLOG_BUFLEN 131072U
450 #define KORE_ACCESSLOG_SYNC 98304U
451
452 struct kore_alog_header {
453 u_int16_t domain;
454 u_int16_t loglen;
455 } __attribute__((packed));
456
457 struct kore_privsep {
458 char *root;
459 char *runas;
460 int skip_runas;
461 int skip_chroot;
462 };
463
464 struct kore_worker {
465 u_int16_t id;
466 u_int16_t cpu;
467 int ready;
468 int running;
469 #if defined(__linux__)
470 int tracing;
471 #endif
472 pid_t pid;
473 int pipe[2];
474 struct connection *msg[2];
475 u_int8_t has_lock;
476 int restarted;
477 u_int64_t time_locked;
478 struct kore_route *active_route;
479 struct kore_privsep *ps;
480
481 /* Used by the workers to store accesslogs. */
482 struct {
483 int lock;
484 size_t offset;
485 char buf[KORE_ACCESSLOG_BUFLEN];
486 } lb;
487 };
488
489 #if !defined(KORE_NO_HTTP)
490
491 #define KORE_VALIDATOR_TYPE_REGEX 1
492 #define KORE_VALIDATOR_TYPE_FUNCTION 2
493
494 struct kore_validator {
495 u_int8_t type;
496 char *name;
497 char *arg;
498 regex_t rctx;
499 struct kore_runtime_call *rcall;
500
501 TAILQ_ENTRY(kore_validator) list;
502 };
503 #endif /* !KORE_NO_HTTP */
504
505 #define KORE_BUF_OWNER_API 0x0001
506
507 struct kore_buf {
508 u_int8_t *data;
509 int flags;
510 size_t length;
511 size_t offset;
512 };
513
514 #define KORE_JSON_TYPE_OBJECT 0x0001
515 #define KORE_JSON_TYPE_ARRAY 0x0002
516 #define KORE_JSON_TYPE_STRING 0x0004
517 #define KORE_JSON_TYPE_NUMBER 0x0008
518 #define KORE_JSON_TYPE_LITERAL 0x0010
519 #define KORE_JSON_TYPE_INTEGER 0x0020
520 #define KORE_JSON_TYPE_INTEGER_U64 0x0040
521
522 #define KORE_JSON_FALSE 0
523 #define KORE_JSON_TRUE 1
524 #define KORE_JSON_NULL 2
525
526 #define KORE_JSON_DEPTH_MAX 10
527
528 #define KORE_JSON_ERR_NONE 0
529 #define KORE_JSON_ERR_INVALID_OBJECT 1
530 #define KORE_JSON_ERR_INVALID_ARRAY 2
531 #define KORE_JSON_ERR_INVALID_STRING 3
532 #define KORE_JSON_ERR_INVALID_NUMBER 4
533 #define KORE_JSON_ERR_INVALID_LITERAL 5
534 #define KORE_JSON_ERR_DEPTH 6
535 #define KORE_JSON_ERR_EOF 7
536 #define KORE_JSON_ERR_INVALID_JSON 8
537 #define KORE_JSON_ERR_INVALID_SEARCH 9
538 #define KORE_JSON_ERR_NOT_FOUND 10
539 #define KORE_JSON_ERR_TYPE_MISMATCH 11
540 #define KORE_JSON_ERR_LAST KORE_JSON_ERR_TYPE_MISMATCH
541
542 #define kore_json_find_object(j, p) \
543 kore_json_find(j, p, KORE_JSON_TYPE_OBJECT)
544
545 #define kore_json_find_array(j, p) \
546 kore_json_find(j, p, KORE_JSON_TYPE_ARRAY)
547
548 #define kore_json_find_string(j, p) \
549 kore_json_find(j, p, KORE_JSON_TYPE_STRING)
550
551 #define kore_json_find_number(j, p) \
552 kore_json_find(j, p, KORE_JSON_TYPE_NUMBER)
553
554 #define kore_json_find_integer(j, p) \
555 kore_json_find(j, p, KORE_JSON_TYPE_INTEGER)
556
557 #define kore_json_find_integer_u64(j, p) \
558 kore_json_find(j, p, KORE_JSON_TYPE_INTEGER_U64)
559
560 #define kore_json_find_literal(j, p) \
561 kore_json_find(j, p, KORE_JSON_TYPE_LITERAL)
562
563 #define kore_json_create_object(o, n) \
564 kore_json_create_item(o, n, KORE_JSON_TYPE_OBJECT)
565
566 #define kore_json_create_array(o, n) \
567 kore_json_create_item(o, n, KORE_JSON_TYPE_ARRAY)
568
569 #define kore_json_create_string(o, n, v) \
570 kore_json_create_item(o, n, KORE_JSON_TYPE_STRING, v)
571
572 #define kore_json_create_number(o, n, v) \
573 kore_json_create_item(o, n, KORE_JSON_TYPE_NUMBER, (double)v)
574
575 #define kore_json_create_integer(o, n, v) \
576 kore_json_create_item(o, n, KORE_JSON_TYPE_INTEGER, (int64_t)v)
577
578 #define kore_json_create_integer_u64(o, n, v) \
579 kore_json_create_item(o, n, KORE_JSON_TYPE_INTEGER_U64, (u_int64_t)v)
580
581 #define kore_json_create_literal(o, n, v) \
582 kore_json_create_item(o, n, KORE_JSON_TYPE_LITERAL, v)
583
584 struct kore_json {
585 const u_int8_t *data;
586 int depth;
587 size_t length;
588 size_t offset;
589
590 struct kore_buf tmpbuf;
591 struct kore_json_item *root;
592 };
593
594 struct kore_json_item {
595 u_int32_t type;
596 char *name;
597 struct kore_json_item *parent;
598
599 union {
600 TAILQ_HEAD(, kore_json_item) items;
601 char *string;
602 double number;
603 int literal;
604 int64_t integer;
605 u_int64_t u64;
606 } data;
607
608 int (*parse)(struct kore_json *,
609 struct kore_json_item *);
610
611 TAILQ_ENTRY(kore_json_item) list;
612 };
613
614 struct kore_pool_entry {
615 u_int8_t state;
616 void *uptr;
617 void *canary;
618 struct kore_pool_entry *nextfree;
619 };
620
621 struct kore_pool {
622 size_t memsz;
623 size_t growth;
624 size_t pagesz;
625 size_t elmlen;
626 size_t uselen;
627 u_int64_t canary;
628 volatile int lock;
629 char *name;
630
631 struct kore_pool_entry *freelist;
632 };
633
634 struct kore_timer {
635 u_int64_t nextrun;
636 u_int64_t interval;
637 int flags;
638 void *arg;
639 void (*cb)(void *, u_int64_t);
640
641 TAILQ_ENTRY(kore_timer) list;
642 };
643
644 /*
645 * Keymgr process is worker index 0, but id 2000.
646 * Acme process is worker index 1, but id 2001.
647 */
648 #define KORE_WORKER_KEYMGR_IDX 0
649 #define KORE_WORKER_ACME_IDX 1
650 #define KORE_WORKER_BASE 2
651 #define KORE_WORKER_KEYMGR 2000
652 #define KORE_WORKER_ACME 2001
653 #define KORE_WORKER_MAX UCHAR_MAX
654
655 #define KORE_WORKER_POLICY_RESTART 1
656 #define KORE_WORKER_POLICY_TERMINATE 2
657
658 /* Reserved message ids, registered on workers. */
659 #define KORE_MSG_WEBSOCKET 1
660 #define KORE_MSG_KEYMGR_REQ 2
661 #define KORE_MSG_KEYMGR_RESP 3
662 #define KORE_MSG_SHUTDOWN 4
663 #define KORE_MSG_ENTROPY_REQ 5
664 #define KORE_MSG_ENTROPY_RESP 6
665 #define KORE_MSG_CERTIFICATE 7
666 #define KORE_MSG_CERTIFICATE_REQ 8
667 #define KORE_MSG_CRL 9
668 #define KORE_MSG_ACCEPT_AVAILABLE 10
669 #define KORE_PYTHON_SEND_OBJ 11
670 #define KORE_MSG_WORKER_LOG 12
671 #define KORE_MSG_FATALX 13
672 #define KORE_MSG_ACME_BASE 100
673
674 /* messages for applications should start at 201. */
675 #define KORE_MSG_APP_BASE 200
676
677 /* Predefined message targets. */
678 #define KORE_MSG_PARENT 1000
679 #define KORE_MSG_WORKER_ALL 1001
680
681 struct kore_msg {
682 u_int8_t id;
683 u_int16_t src;
684 u_int16_t dst;
685 size_t length;
686 };
687
688 struct kore_keyreq {
689 int padding;
690 char domain[KORE_DOMAINNAME_LEN + 1];
691 size_t data_len;
692 u_int8_t data[];
693 };
694
695 struct kore_x509_msg {
696 char domain[KORE_DOMAINNAME_LEN + 1];
697 size_t data_len;
698 u_int8_t data[];
699 };
700
701 #if !defined(KORE_SINGLE_BINARY)
702 extern char *config_file;
703 #endif
704
705 extern pid_t kore_pid;
706 extern int kore_quit;
707 extern int kore_quiet;
708 extern int skip_chroot;
709 extern int skip_runas;
710 extern int kore_mem_guard;
711 extern int kore_foreground;
712
713 extern char *kore_pidfile;
714
715 extern volatile sig_atomic_t sig_recv;
716
717 extern char *kore_rand_file;
718 extern int kore_keymgr_active;
719
720 extern struct kore_privsep worker_privsep;
721 extern struct kore_privsep keymgr_privsep;
722 extern struct kore_privsep acme_privsep;
723
724 extern u_int8_t nlisteners;
725 extern u_int16_t cpu_count;
726 extern u_int8_t worker_count;
727 extern const char *kore_version;
728 extern const char *kore_build_date;
729 extern int worker_policy;
730 extern u_int8_t worker_set_affinity;
731 extern u_int32_t worker_rlimit_nofiles;
732 extern u_int32_t worker_max_connections;
733 extern u_int32_t worker_active_connections;
734 extern u_int32_t worker_accept_threshold;
735 extern u_int64_t kore_websocket_maxframe;
736 extern u_int64_t kore_websocket_timeout;
737 extern u_int32_t kore_socket_backlog;
738
739 extern struct kore_worker *worker;
740 extern struct kore_pool nb_pool;
741 extern struct kore_domain *primary_dom;
742 extern struct kore_server_list kore_servers;
743
744 /* kore.c */
745 void kore_signal(int);
746 void kore_shutdown(void);
747 void kore_signal_trap(int);
748 void kore_signal_setup(void);
749 void kore_proctitle(const char *);
750 void kore_default_getopt(int, char **);
751
752 void kore_server_closeall(void);
753 void kore_server_cleanup(void);
754 void kore_server_free(struct kore_server *);
755 void kore_server_finalize(struct kore_server *);
756 void kore_hooks_set(const char *, const char *, const char *);
757
758 struct kore_server *kore_server_create(const char *);
759 struct kore_server *kore_server_lookup(const char *);
760
761 void kore_listener_accept(void *, int);
762 struct listener *kore_listener_lookup(const char *);
763 void kore_listener_free(struct listener *);
764 struct listener *kore_listener_create(struct kore_server *);
765 int kore_listener_init(struct listener *, int, const char *);
766
767 int kore_sockopt(int, int, int);
768 int kore_server_bind_unix(struct kore_server *,
769 const char *, const char *);
770 int kore_server_bind(struct kore_server *,
771 const char *, const char *, const char *);
772 /* worker.c */
773 void kore_worker_reap(void);
774 int kore_worker_init(void);
775 void kore_worker_privsep(void);
776 void kore_worker_started(void);
777 void kore_worker_make_busy(void);
778 void kore_worker_shutdown(void);
779 void kore_worker_dispatch_signal(int);
780 int kore_worker_spawn(u_int16_t, u_int16_t, u_int16_t);
781 int kore_worker_keymgr_response_verify(struct kore_msg *,
782 const void *, struct kore_domain **);
783
784 void kore_worker_entry(struct kore_worker *) __attribute__((noreturn));
785
786 struct kore_worker *kore_worker_data(u_int8_t);
787 struct kore_worker *kore_worker_data_byid(u_int16_t);
788
789 /* platform code (linux.c, bsd.c) */
790 void kore_platform_init(void);
791 void kore_platform_sandbox(void);
792 void kore_platform_event_init(void);
793 void kore_platform_event_cleanup(void);
794 void kore_platform_disable_read(int);
795 void kore_platform_disable_write(int);
796 void kore_platform_enable_accept(void);
797 void kore_platform_disable_accept(void);
798 void kore_platform_event_wait(u_int64_t);
799 void kore_platform_event_all(int, void *);
800 void kore_platform_event_level_all(int, void *);
801 void kore_platform_event_level_read(int, void *);
802 void kore_platform_proctitle(const char *);
803 void kore_platform_schedule_read(int, void *);
804 void kore_platform_schedule_write(int, void *);
805 void kore_platform_event_schedule(int, int, int, void *);
806 void kore_platform_worker_setcpu(struct kore_worker *);
807 u_int32_t kore_platform_random_uint32(void);
808
809 #if defined(KORE_USE_PLATFORM_SENDFILE)
810 int kore_platform_sendfile(struct connection *, struct netbuf *);
811 #endif
812
813 #if defined(KORE_USE_PLATFORM_PLEDGE)
814 void kore_platform_pledge(void);
815 void kore_platform_add_pledge(const char *);
816 #endif
817
818 /* tls variants. */
819 #define KORE_X509_NAME_COMMON_NAME 1
820
821 void kore_tls_init(void);
822 void kore_tls_cleanup(void);
823 void kore_tls_dh_check(void);
824 int kore_tls_supported(void);
825 void kore_tls_version_set(int);
826 void kore_tls_keymgr_init(void);
827 void kore_tls_log_version(void);
828 int kore_tls_dh_load(const char *);
829 void kore_tls_seed(const void *, size_t);
830 int kore_tls_ciphersuite_set(const char *);
831 int kore_tls_read(struct connection *, size_t *);
832 void kore_tls_domain_cleanup(struct kore_domain *);
833 int kore_tls_connection_accept(struct connection *);
834 void kore_tls_connection_cleanup(struct connection *);
835 int kore_tls_write(struct connection *, size_t, size_t *);
836 void kore_tls_domain_crl(struct kore_domain *, const void *, size_t);
837 void kore_tls_domain_setup(struct kore_domain *,
838 int, const void *, size_t);
839
840 KORE_PRIVATE_KEY *kore_tls_rsakey_load(const char *);
841 KORE_PRIVATE_KEY *kore_tls_rsakey_generate(const char *);
842
843 int kore_tls_x509_data(struct connection *, u_int8_t **, size_t *);
844 KORE_X509_NAMES *kore_tls_x509_issuer_name(struct connection *);
845 KORE_X509_NAMES *kore_tls_x509_subject_name(struct connection *);
846 int kore_tls_x509name_foreach(KORE_X509_NAMES *, int, void *,
847 int (*)(void *, int, int, const char *,
848 const void *, size_t, int));
849 /* accesslog.c */
850 void kore_accesslog_init(u_int16_t);
851 void kore_accesslog_worker_init(void);
852 void kore_accesslog_run(void *, u_int64_t);
853 void kore_accesslog_gather(void *, u_int64_t, int);
854
855 #if !defined(KORE_NO_HTTP)
856 /* auth.c */
857 int kore_auth_run(struct http_request *, struct kore_auth *);
858 int kore_auth_cookie(struct http_request *, struct kore_auth *);
859 int kore_auth_header(struct http_request *, struct kore_auth *);
860 int kore_auth_request(struct http_request *, struct kore_auth *);
861 void kore_auth_init(void);
862 int kore_auth_new(const char *);
863 struct kore_auth *kore_auth_lookup(const char *);
864 #endif
865
866 /* timer.c */
867 void kore_timer_init(void);
868 void kore_timer_run(u_int64_t);
869 u_int64_t kore_timer_next_run(u_int64_t);
870 void kore_timer_remove(struct kore_timer *);
871 struct kore_timer *kore_timer_add(void (*cb)(void *, u_int64_t),
872 u_int64_t, void *, int);
873
874 /* connection.c */
875 void kore_connection_init(void);
876 void kore_connection_cleanup(void);
877 void kore_connection_prune(int);
878 struct connection *kore_connection_new(void *);
879 void kore_connection_event(void *, int);
880 int kore_connection_nonblock(int, int);
881 void kore_connection_check_timeout(u_int64_t);
882 int kore_connection_handle(struct connection *);
883 void kore_connection_remove(struct connection *);
884 void kore_connection_disconnect(struct connection *);
885 void kore_connection_start_idletimer(struct connection *);
886 void kore_connection_stop_idletimer(struct connection *);
887 void kore_connection_check_idletimer(u_int64_t,
888 struct connection *);
889 int kore_connection_accept(struct listener *,
890 struct connection **);
891 void kore_connection_log(struct connection *,
892 const char *, ...)
893 __attribute__((format (printf, 2, 3)));
894 const char *kore_connection_ip(struct connection *);
895
896 void kore_log_init(void);
897 void kore_log_file(const char *);
898
899 /* config.c */
900 void kore_parse_config(void);
901 void kore_parse_config_file(FILE *);
902 int kore_configure_setting(const char *, char *);
903
904 /* mem.c */
905 void *kore_malloc(size_t);
906 void *kore_mmap_region(size_t);
907 void *kore_calloc(size_t, size_t);
908 void *kore_realloc(void *, size_t);
909 void kore_free(void *);
910 void kore_mem_init(void);
911 void kore_free_zero(void *);
912 void kore_mem_cleanup(void);
913 void kore_mem_untag(void *);
914 void *kore_mem_lookup(u_int32_t);
915 void kore_mem_zero(void *, size_t);
916 void kore_mem_tag(void *, u_int32_t);
917 void *kore_malloc_tagged(size_t, u_int32_t);
918
919 /* pool.c */
920 void *kore_pool_get(struct kore_pool *);
921 void kore_pool_put(struct kore_pool *, void *);
922 void kore_pool_init(struct kore_pool *, const char *,
923 size_t, size_t);
924 void kore_pool_cleanup(struct kore_pool *);
925
926 /* utils.c */
927 void fatal(const char *, ...) __attribute__((noreturn))
928 __attribute__((format (printf, 1, 2)));
929 void fatalx(const char *, ...) __attribute__((noreturn))
930 __attribute__((format (printf, 1, 2)));
931
932 u_int64_t kore_time_ms(void);
933 char *kore_time_to_date(time_t);
934 char *kore_strdup(const char *);
935 time_t kore_date_to_time(const char *);
936 void kore_log(int, const char *, ...)
937 __attribute__((format (printf, 2, 3)));
938 u_int64_t kore_strtonum64(const char *, int, int *);
939 size_t kore_strlcpy(char *, const char *, const size_t);
940 void kore_server_disconnect(struct connection *);
941 int kore_split_string(char *, const char *, char **, size_t);
942 void kore_strip_chars(const char *, const char, char **);
943 int kore_snprintf(char *, size_t, int *, const char *, ...)
944 __attribute__((format (printf, 4, 5)));
945 long long kore_strtonum(const char *, int, long long, long long, int *);
946 double kore_strtodouble(const char *, long double, long double, int *);
947 int kore_base64_encode(const void *, size_t, char **);
948 int kore_base64_decode(const char *, u_int8_t **, size_t *);
949 int kore_base64url_encode(const void *, size_t, char **, int);
950 int kore_base64url_decode(const char *, u_int8_t **, size_t *, int);
951 int kore_x509_issuer_name(struct connection *, char **, int);
952 int kore_x509_subject_name(struct connection *, char **, int);
953
954 void *kore_mem_find(void *, size_t, const void *, size_t);
955 char *kore_text_trim(char *, size_t);
956 char *kore_read_line(FILE *, char *, size_t);
957
958 #if !defined(KORE_NO_HTTP)
959 /* websocket.c */
960 void kore_websocket_handshake(struct http_request *,
961 const char *, const char *, const char *);
962 int kore_websocket_send_clean(struct netbuf *);
963 void kore_websocket_send(struct connection *,
964 u_int8_t, const void *, size_t);
965 void kore_websocket_broadcast(struct connection *,
966 u_int8_t, const void *, size_t, int);
967 #endif
968
969 /* msg.c */
970 void kore_msg_init(void);
971 void kore_msg_worker_init(void);
972 void kore_msg_parent_init(void);
973 void kore_msg_unregister(u_int8_t);
974 void kore_msg_parent_add(struct kore_worker *);
975 void kore_msg_parent_remove(struct kore_worker *);
976 void kore_msg_send(u_int16_t, u_int8_t, const void *, size_t);
977 int kore_msg_register(u_int8_t,
978 void (*cb)(struct kore_msg *, const void *));
979
980 #if !defined(KORE_NO_HTTP)
981 /* filemap.c */
982 void kore_filemap_init(void);
983 void kore_filemap_resolve_paths(void);
984 extern char *kore_filemap_ext;
985 extern char *kore_filemap_index;
986
987 struct kore_route *kore_filemap_create(struct kore_domain *, const char *,
988 const char *, const char *);
989 #endif
990
991 /* fileref.c */
992 void kore_fileref_init(void);
993 struct kore_fileref *kore_fileref_get(const char *, int);
994 struct kore_fileref *kore_fileref_create(struct kore_server *,
995 const char *, int, off_t, struct timespec *);
996 void kore_fileref_release(struct kore_fileref *);
997
998 /* domain.c */
999 struct kore_domain *kore_domain_new(const char *);
1000 struct kore_domain *kore_domain_byid(u_int16_t);
1001 struct kore_domain *kore_domain_lookup(struct kore_server *, const char *);
1002
1003 void kore_domain_init(void);
1004 void kore_domain_cleanup(void);
1005 void kore_domain_free(struct kore_domain *);
1006 void kore_module_init(void);
1007 void kore_module_cleanup(void);
1008 void kore_module_reload(int);
1009 void kore_module_onload(void);
1010 int kore_module_loaded(void);
1011 void kore_domain_closelogs(void);
1012 void *kore_module_getsym(const char *, struct kore_runtime **);
1013 void kore_domain_load_crl(void);
1014 void kore_domain_keymgr_init(void);
1015 void kore_domain_callback(void (*cb)(struct kore_domain *));
1016 int kore_domain_attach(struct kore_domain *, struct kore_server *);
1017
1018 #if !defined(KORE_NO_HTTP)
1019 /* route.c */
1020 void kore_route_reload(void);
1021 void kore_route_free(struct kore_route *);
1022 void kore_route_callback(struct kore_route *, const char *);
1023
1024 struct kore_route *kore_route_create(struct kore_domain *,
1025 const char *, int);
1026 int kore_route_lookup(struct http_request *,
1027 struct kore_domain *, int, struct kore_route **);
1028 #endif
1029
1030 /* runtime.c */
1031 const size_t kore_runtime_count(void);
1032 struct kore_runtime_call *kore_runtime_getcall(const char *);
1033 struct kore_module *kore_module_load(const char *,
1034 const char *, int);
1035
1036 void kore_runtime_execute(struct kore_runtime_call *);
1037 int kore_runtime_onload(struct kore_runtime_call *, int);
1038 void kore_runtime_signal(struct kore_runtime_call *, int);
1039 void kore_runtime_resolve(const char *, const struct stat *);
1040 void kore_runtime_configure(struct kore_runtime_call *, int, char **);
1041 void kore_runtime_connect(struct kore_runtime_call *, struct connection *);
1042 #if !defined(KORE_NO_HTTP)
1043 int kore_runtime_http_request(struct kore_runtime_call *,
1044 struct http_request *);
1045 void kore_runtime_http_request_free(struct kore_runtime_call *,
1046 struct http_request *);
1047 void kore_runtime_http_body_chunk(struct kore_runtime_call *,
1048 struct http_request *, const void *, size_t);
1049 int kore_runtime_validator(struct kore_runtime_call *,
1050 struct http_request *, const void *);
1051 void kore_runtime_wsconnect(struct kore_runtime_call *, struct connection *);
1052 void kore_runtime_wsdisconnect(struct kore_runtime_call *,
1053 struct connection *);
1054 void kore_runtime_wsmessage(struct kore_runtime_call *,
1055 struct connection *, u_int8_t, const void *, size_t);
1056 #endif
1057
1058 #if !defined(KORE_NO_HTTP)
1059 /* validator.c */
1060 void kore_validator_init(void);
1061 void kore_validator_reload(void);
1062 int kore_validator_add(const char *, u_int8_t, const char *);
1063 int kore_validator_run(struct http_request *, const char *, char *);
1064 int kore_validator_check(struct http_request *,
1065 struct kore_validator *, const void *);
1066 struct kore_validator *kore_validator_lookup(const char *);
1067 #endif
1068
1069 const char *kore_worker_name(int);
1070
1071 /* net.c */
1072 u_int16_t net_read16(u_int8_t *);
1073 u_int32_t net_read32(u_int8_t *);
1074 u_int64_t net_read64(u_int8_t *);
1075 void net_write16(u_int8_t *, u_int16_t);
1076 void net_write32(u_int8_t *, u_int32_t);
1077 void net_write64(u_int8_t *, u_int64_t);
1078
1079 void net_init(void);
1080 void net_cleanup(void);
1081 struct netbuf *net_netbuf_get(void);
1082 int net_send(struct connection *);
1083 int net_send_flush(struct connection *);
1084 int net_recv_flush(struct connection *);
1085 int net_read(struct connection *, size_t *);
1086 int net_write(struct connection *, size_t, size_t *);
1087 void net_recv_reset(struct connection *, size_t,
1088 int (*cb)(struct netbuf *));
1089 void net_remove_netbuf(struct connection *, struct netbuf *);
1090 void net_recv_queue(struct connection *, size_t, int,
1091 int (*cb)(struct netbuf *));
1092 void net_recv_expand(struct connection *c, size_t,
1093 int (*cb)(struct netbuf *));
1094 void net_send_queue(struct connection *, const void *, size_t);
1095 void net_send_stream(struct connection *, void *,
1096 size_t, int (*cb)(struct netbuf *), struct netbuf **);
1097 void net_send_fileref(struct connection *, struct kore_fileref *);
1098
1099 /* buf.c */
1100 void kore_buf_free(struct kore_buf *);
1101 struct kore_buf *kore_buf_alloc(size_t);
1102 void kore_buf_init(struct kore_buf *, size_t);
1103 void kore_buf_append(struct kore_buf *, const void *, size_t);
1104 u_int8_t *kore_buf_release(struct kore_buf *, size_t *);
1105 void kore_buf_reset(struct kore_buf *);
1106 void kore_buf_cleanup(struct kore_buf *);
1107
1108 char *kore_buf_stringify(struct kore_buf *, size_t *);
1109 void kore_buf_appendf(struct kore_buf *, const char *, ...)
1110 __attribute__((format (printf, 2, 3)));
1111 void kore_buf_appendv(struct kore_buf *, const char *, va_list)
1112 __attribute__((format (printf, 2, 0)));
1113 void kore_buf_replace_string(struct kore_buf *,
1114 const char *, const void *, size_t);
1115
1116 /* json.c */
1117 int kore_json_errno(void);
1118 int kore_json_parse(struct kore_json *);
1119 void kore_json_cleanup(struct kore_json *);
1120 void kore_json_item_free(struct kore_json_item *);
1121 void kore_json_init(struct kore_json *, const void *, size_t);
1122 void kore_json_item_tobuf(struct kore_json_item *, struct kore_buf *);
1123 void kore_json_item_attach(struct kore_json_item *, struct kore_json_item *);
1124
1125 const char *kore_json_strerror(void);
1126 struct kore_json_item *kore_json_find(struct kore_json_item *,
1127 const char *, u_int32_t);
1128 struct kore_json_item *kore_json_create_item(struct kore_json_item *,
1129 const char *, u_int32_t, ...);
1130
1131 /* keymgr.c */
1132 void kore_keymgr_run(void);
1133 void kore_keymgr_cleanup(int);
1134
1135 #if defined(__cplusplus)
1136 }
1137 #endif
1138
1139 #endif /* !__H_KORE_H */